usmAddUserName v usmAddUser

Tue Sep 24 03:51:58 CEST 2002

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 23 Sep 2002 at 20:48, Frank Fock wrote:

> Hi Doc,
> 
> It is indeed very simple :-) When you are using
> usm->add_localized_user(..)
> you must provide *keys* not passwords. "meauth"
> is obviously not a MD5 hash with a length of 64 bytes!
> 

Duh!! 

Mind you, in my defense, add_localized_user() is returning SNMPv3_USM_OK. 
If it had returned an error, I would have watched what was happening under 
the debugger and (presumably) kicked myself 15 times as soon as I saw the 
problem.

You or Jochen might want to consider having the function return an error 
for idiots like me.

And my second defense is that it isn't obvious that "unknown securityName" 
really means "you're a twit who didn't pass me a key with the right length" 

:-)

> Please localize the passwords with the remote engine ID
> (MD5 hash password+engineID+padding) with apPasswordToKeyMD5
> first.
> 

Actually, I can't do that; these keys are derived in a way that's 
completely different from normal SNMPv3 -- there are no passwords involved 
at all. That's why I need to call the localized function directly instead 
of simply adding a usm user by passing ordinary passwords.

> Hope this helps (finally ;-)
> 

I'll tell you after I've stopped kicking myself :-)

  Doc

PS Of course, what you meant to say (I think) was "a length of 16 octets". 
I just note that in case your message confuses someone else.

PPS THANK YOU!